* I previously blogged about Chris Wilson, the website operator who allowed users to post pornography and was then prosecuted for distributing pornography under state law. I argued then that such prosecutions were immunized by 230. According to AP, in January, Chris pleaded no contest to 5 counts of possession of obscene material (this news report sounds garbled; the crime of possessing obscene material, without more, should protected by Stanley v. Georgia). For this, in April, he was sentenced to 5 years probation.

* 310,000 consumers were affected by Lexis-Nexis’ data breach. Lexis-Nexis offered them a free year of credit monitoring services. Only 6% took Lexis-Nexis up on the offer, a number that’s similar to other such offers (Citibank only had a 4% signup rate). Bob Sullivan tries to figure out why. Among the theories:

– consumers discarded/ignored the notification as junk mail

– consumers were suspicious that the free offer wasn’t going to be free in the end

– consumers are apathetic about privacy issues

I have my own speculation about this, but I think the time for relying on intuition is long past. Instead, I think further empirical research is critical before more legislatures robotically rubber-stamp existing legislation designed to remediate data breaches. I remain suspicious that these mandated solutions are doing nothing to help the problem, and may in fact be exacerbating the problems.